HIPAA security compliance – how we can help
If you answered yes to any of these questions you may not meet HIPAA security compliance. The new standards in the EPHI (Electronic Protected Health Information) guidelines will require all offices to implement regulations and policies that secure their electronic patient information. All data must be protected from intrusion and loss. This means technical security restraints and parameters must be put in place.

St. James Consulting can help. We can put together a security, disaster and internet policy plan which will keep you in compliance, saving you valuable time and money. For more information or to schedule an appointment, contact St. James Consulting.

What is the Difference between Security and Privacy?

Security relates to the means (process and technology) by which an entity protects the privacy of health information. The goals of security measures are to keep information secured, and decrease the means of tampering, destruction, or inappropriate access. There are four categories of requirements:

- Administrative Procedures: documented, formal practices to protect data
- Physical Safeguards: protect data from fire, other natural and environmental hazards, and intrusion
- Technical Security Services: protect information and control individual access to information
- Technical Security Mechanisms: guard against unauthorized access to data over a communications network

Note: there are civil penalties when entities/individuals violate the privacy rule

- Civil Penalties (disclosures made in error)
  - $100 per violation, capped at $25,000 per year
- Criminal Penalties (knowing violations)
  - Max $5,000 and/or 1 yr. (wrongful disclosure)
  - Max $100,000 and/or 5 yrs. (false pretenses)
  - Max $250,000 and/or 10 yrs. (profit/malice)
- Private Lawsuits